With rapid growth of data processing services and network complexity of information systems such as data center systems and office information systems, data flow between various devices increases explosively. More and more malicious attacks will affect the security and health of the information systems. Therefore, an effective method for determining whether an information system is safe and determining whether the information system should be optimized is required. Since the health/security state of the information system directly affects performance of the information system, determining the health/security state of the information system in advance can ensure normal operation of the information system and even achieve in best mode or condition.
So far, the health (security) state of the information system is determined by manual monitoring according to experiences of MIS (management information system) staff. The MIS staff acquires several indicators from networking devices, and then estimates the health state of the information system according to the indicators and individual experience. While acquiring better indicators during normal functioning of the networking devices, the MIS staff usually judges that the health state of the information system is higher. Otherwise, the information system is judged as in a lower health state.
According to the manual method for determining the health state of the information system, only several indicators are actually utilized. The obtained health state does not reflect the real health state of the information system. Thus, the monitoring effect is not satisfied. Furthermore, since the networking environment changes rapidly and the network complexity increases very fast, it is difficult for the MIS staff to check huge data of increasing indicators effectively or adjust the acquired indicators with the times properly. Another problem is that since the acquired indicators from the networking devices are analyzed according to the individual experience without fixed criterion, the judging results are not objective, and different MIS staffs may give different or even conflicting results about the health state of the information system. This situation is disadvantageous to management of the information system. In summary, the current manual method can not provide an accurate and complete health state estimation in an effective manner.